tapisrv.dll

  • File Path: C:\Windows\system32\tapisrv.dll
  • Description: Microsoft Windows(TM) Telephony Server

Hashes

Type Hash
MD5 20CEAECE4ECDEBC89C82F1998696D596
SHA1 C5D390D27B4859BD9CF267B539AD80B04BC78328
SHA256 439559DE34BE096824CB70A97524E843CE2802092A9C882167F4CB08FE9664A7
SHA384 A2EBFD39AB5279BE8C8789DC8CEBD60F9F5C158C72EAC1E3D38DA031D048D58792B2D4D66843B6A964357114ED248591
SHA512 A057DFFFA9A7752B4747CBCF3DB62C1EB7D54826F56932B21F8C097037A93C8D745151C4A7FBD114826B6A708F17B556D8125D513B407933E736434E6A868222
SSDEEP 6144:6X4cpoiSX8F/u6/1YbCtgRUSXEF1LLWdYiL6aosUJ4P3yzbsYo:bcpoidFfYbCW7UF1LLWqmZY
IMP 6ABA8903EB7E4BE23E07D9607806E424
PESHA1 CB6D0D289C6781A5BC0E60B015B0358B027BBF86
PE256 314CC86155F76D2245BC97C88F16F8BB2D5E8B8D1549B83DC93564A3D38D0018

DLL Exports:

Function Name Ordinal Type
SvchostPushServiceGlobals 2 Exported Function
ServiceMain 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TAPISRV.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/65
  • VirusTotal Link: https://www.virustotal.com/gui/file/439559de34be096824cb70a97524e843ce2802092a9c882167f4cb08fe9664a7/detection/

Possible Misuse

The following table contains possible examples of tapisrv.dll being misused. While tapisrv.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .tapisrv.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.